[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: What's really in PGP 5.5?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
At 08:48 PM 10/7/97 -0500, Bruce Schneier wrote:
If this is true (and I have no reason to believe it isn't), then why is the
key escrow code written (although not turned on) in the source code for 5.0
that was posted internationally from PGP?
I just got through talking to one of the developers, and think I found what
you're talking about, Bruce.
In "pgp.c" of the Unix 5.0 published edition, there's some old Viacrypt code
with a comment that says, 'This is our version of "Commercial Key Escrow"' but
in fact just adds an additional recipient to the encryption list.
It is not in any shipping PGP product. If there's anything to laugh about
in all
this, if you try to use the feature in the Unix freeware, it core-dumps. It
doesn't appear at all in the Mac and Windows code.
It's completely gone as of now.
Jon
-----BEGIN PGP SIGNATURE-----
Version: PGP for Business Security 5.5
iQA/AwUBNDwkNn35wubxKSepEQJMvACfWZHVKkYswR9xLibuY8496a4GcaAAoNSB
Yda/tOiQA1vLGocTL0N6XVj1
=LNYn
-----END PGP SIGNATURE-----
-----
Jon Callas [email protected]
Chief Scientist 555 Twin Dolphin Drive
Pretty Good Privacy, Inc. Suite 570
(415) 596-1960 Redwood Shores, CA 94065
Fingerprints: D1EC 3C51 FCB1 67F8 4345 4A04 7DF9 C2E6 F129 27A9 (DSS)
665B 797F 37D1 C240 53AC 6D87 3A60 4628 (RSA)